Applies to: Exchange Server 2013, Exchange Online

Topic Last Modified: 2014-03-24

In a hybrid deployment, your users can be in Exchange Online, on-premises, or both and your public folders are either in Exchange Online or on-premises. Public folders can only reside in one place, so you must decide whether your public folders will be in Exchange Online or on-premises. They can’t be in both locations. Public folder mailboxes are synchronized to Exchange Online by the Directory Synchronization service. However, mail-enabled public folders aren’t synchronized across premises.

This topic describes how to synchronize mail-enabled public folders when your users are in Exchange Online and your Exchange 2010 SP3 or Exchange 2007 SP3 RU10 public folders are on-premises.

This topic refers to the Exchange 2010 SP3 and Exchange 2007 SP3 RU10 servers as the legacy Exchange server.

You will sync your mail-enabled public folders using the following scripts, which are initiated by a Windows task that runs in the on-premises environment:

  1. Export-MailPublicFoldersForMigration.ps1   This script exports the mail-enabled public folder objects from the on-premises organization’s Active Directory into a .XML file. You’ll run this script on the legacy Exchange server.

  2. Import-MailPublicFoldersForMigration.ps1   This script uses the .XML file generated by the Export-MailPublicFoldersForMigration.ps1 script to import the mail-enabled public folder objects into Exchange Online. You’ll run this script in Exchange Online.

  3. MailPublicFolder.strings.psd1   This is a support file used by the Import and Export scripts and should be copied to the same location as the preceding scripts.

When you complete this procedure your on-premises and Exchange Online users will be able to access the same on-premises public folder infrastructure.

What hybrid versions of Exchange will work with public folders?

The following table describes the version and location combinations of user mailboxes and public folders that are supported. “Hybrid not applicable” is still a supported scenario, but is not considered a hybrid scenario since both the public folders and the users are residing in the same location.

    On-Premises Exchange 2007 or Exchange 2010 User Mailbox On-Premises Exchange 2013 User Mailbox Exchange Online User Mailbox

On-Premises Exchange 2007 or Exchange 2010 Public Folders

Hybrid not applicable

Hybrid not applicable


On-Premises Exchange 2013 Public Folders

Hybrid not applicable

Hybrid not applicable


Exchange Online Public Folders

Not supported


Hybrid not applicable

A hybrid configuration with Exchange 2003 public folders is not supported. If you’re running Exchange 2003 in your organization, you must move all public folder databases and replicas to Exchange 2007 SP3 RU10 or later. No public folder replicas can remain on Exchange 2003.

What do you need to know before you begin?

  1. These instructions assume that you have used the Hybrid Configuration Wizard to configure and synchronize your on-premises and Exchange Online environments and that the DNS records used for most users’ AutoDiscover references an on-premises end-point. For more information, see Hybrid Configuration wizard.

  2. Implementing legacy public folder coexistence for a hybrid deployment of Exchange with Office 365 may require you to fix conflicts during the import procedure. Conflicts can happen due to non-routable email address assigned to mail enabled public folders, conflicts with other users and groups in Office 365, and other attributes.

  3. These instructions assume your Exchange Online organization has been upgraded to a version that supports public folders.

  4. In Exchange Online, you must be a member of the Organization Management role group. This role group is different from the permissions assigned to you when you subscribe to Exchange Online. For details about how to enable the Organization Management role group, see Manage role groups.

  5. In Exchange 2010, you must be a member of the Organization Management or Server Management RBAC role groups. For details, see Add Members to a Role Group

  6. In Exchange 2007, you need to be assigned the Exchange Organization Administrator role or the Exchange Server Administrator role. In addition, you must be assigned the Public Folder Administrator role and local Administrators group for the target server. For details, see How to Add a User or Group to an Administrator Role

  7. If you have Exchange Server 2007 running on Windows Server 2008 x64, then you must upgrade to Windows PowerShell 2.0 and WinRM 2.0 for Windows Server 2008 x64 Edition. If you have Exchange Server 2007 running on Windows Server 2003 x64, then you must upgrade to Windows PowerShell 2.0. For more information, see Update for Windows Server 2003 x64 Edition..

  8. In order to access public folders cross-premises, users must upgrade their Outlook clients to the November 2012 Outlook public update or later.

    1. To download the November 2012 Outlook update for Outlook 2010, see Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition.

    2. To download the November 2012 Outlook Update for Outlook 2007, see Update for Microsoft Office Outlook 2007 (KB2687404).

  9. Outlook 2011 for Mac is not supported for cross-premises public folders. Users must be in the same location as the public folders to access them with Outlook 2011 for Mac. In addition, users whose mailboxes are in Exchange Online won’t be able to access on-premises public folders using Outlook Web App.

Step 1: Make remote public folders discoverable

  1. If your public folders are on Exchange 2010 or later servers, then you need to install the Client Access Server role on all mailbox servers that have a public folder database. This allows the Microsoft Exchange RpcClientAccess service to be running, which allows for all clients to access public folders. The client access role isn’t required for Exchange 2007 public folder servers, and this step isn’t necessary. For more information, see Install Exchange Server 2010. This step isn’t necessary for Exchange 2007 public folders.

    This server doesn’t have to be part of the Client Access load balancing. For more information, see Understanding Load Balancing in Exchange 2010.
  2. Create an empty mailbox database on each public folder server.

    For Exchange 2010, run the following command. This command excludes the mailbox database from the mailbox provisioning load balancer. This prevents new mailboxes from automatically being added to this database.

    Copy Code
    New-MailboxDatabase -Server <PFServerName_with_CASRole> -Name <NewMDBforPFs> -IsExcludedFromProvisioning $true 

    For Exchange 2007, run the following command:

    Copy Code
    New-MailboxDatabase -StorageGroup "<PFServerName>\StorageGroup>" -Name <NewMDBforPFs>
    We recommend that the only mailbox that you add to this database is the proxy mailbox that you’ll create in step 3. No other mailboxes should be created on this mailbox database.
  3. Create a proxy mailbox within the new mailbox database and hide the mailbox from the address book. The SMTP of this mailbox will be returned by AutoDiscover as the DefaultPublicFolderMailbox SMTP, so that by resolving this SMTP the client can reach the legacy exchange server for public folder access.

    Copy Code
    New-Mailbox -Name <PFMailbox1> -Database <NewMDBforPFs> 
    Copy Code
    Set-Mailbox -Identity <PFMailbox1> -HiddenFromAddressListsEnabled $true
  4. For Exchange 2010, enable AutoDiscover to return the proxy public folder mailboxes. This step isn’t necessary for Exchange 2007.

    Copy Code
    Set-MailboxDatabase <NewMDBforPFs> -RPCClientAccessServer <PFServerName_with_CASRole>
  5. Repeat the preceding steps for every public folder server in your organization.

Step 2: Download the scripts

  1. Download the following files from Microsoft Exchange 2013 Public Folders Directory Sync Support Scripts:

    • Export-MailPublicFoldersForMigration.ps1

    • Import-MailPublicFoldersForMigration.ps1

    • MailPublicFolder.strings.psd1

  2. Save the files to the local computer on which you’ll be running PowerShell. For example, C:\PFScripts.

Step 3: Configure directory synchronization

The Directory Synchronization service doesn’t synchronize mail-enabled public folders. Running the following two scripts will synchronize the mail-enabled public folders across premises.

The scripts in this section should be run only one time. They can’t be used to synchronize changes of your on-premises public folders to Office 365.
  1. On the legacy Exchange server, run the following command to create the .XML file that will export the set of mail-enabled public folders from Active Directory.

    Copy Code
    .\Export-MailPublicFoldersForMigration.ps1 <mail_publicfolders.xml>

    Where mail_publicfolders.xml is the file name and path to a network shared folder that can be accessed from Exchange Online.

  2. In Exchange Online PowerShell, run the following command to import the migration .csv file.

    Copy Code
    .\Import-MailPublicFoldersForMigration.ps1 <mail_publicfolders.xml>
We recommend that you run these scripts daily to synchronize your mail-enabled public folders.

Step 4: Configure Exchange Online users to access on-premises public folders

The final step in this procedure is to configure the Exchange online organization and to allow access to the legacy on-premises public folders.

Enable the exchange online organization to access the on-premises public folders. You will point to all of the proxy public folder mailboxes that you created in Step 1: Make remote public folders discoverable.

Copy Code
Set-OrganizationConfig -PublicFoldersEnabled Remote -RemotePublicFolderMailboxes ProxyMailbox1,ProxyMailbox2,ProxyMailbox3
You must wait until ActiveDirectory synchronization has completed to see the changes. This process may take several hours.

How do I know this worked?

  1. Log on to Outlook for a user who is in Exchange Online and perform the following public folder tests:

    • View the hierarchy.

    • Check permissions

    • Create and delete public folders.

    • Post content to and delete content from a public folder.